185 matches found
EUVD-2022-35031
Malicious code in bioql PyPI...
EUVD-2022-35030
Malicious code in bioql PyPI...
EUVD-2022-35034
Malicious code in bioql PyPI...
EUVD-2022-35032
Malicious code in bioql PyPI...
CVE-2022-2793
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of data packets after establishing a connection for the SRTP protocol...
CVE-2022-2792
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-284 Improper Access Control, and stores project data in a directory with improper access control lists...
CVE-2022-2791
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-434 Unrestricted Upload of File with Dangerous Type, and will upload any file written into the PLC logic folder to the connected PLC...
CVE-2022-2790
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-347 Improper Verification of Cryptographic Signature, and does not properly verify compiled logic PDT files and data blocks data BLD/BLK files...
CVE-2022-2789
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic...
CVE-2022-2788
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: '\..\Filename', also known as a ZipSlip attack, through an upload procedure which enables attackers to implant a malicious .BLZ file on the PLC. The file can transfer through the engineering...
The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition (ME) devices lies in the lack of authentication procedures. This allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices is related to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the software for creating and managing graphical user interfaces for Rockwell Automation FactoryTalk View Machine Edition industrial devices lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. This allows a perpetrator to execute arbitrary code.
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition devices is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability ca...
CVE-2025-24479 FactoryTalk® View Machine Edition - Local Code Injection
A Local Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to a default setting in Windows and allows access to the Command Prompt as a higher privileged user...
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The remote code execution vulnerability in PanelView Plus involves two custom...
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition systems, related to lack of access control, allows an intruder to trigger a service failure on the operator panel.
The vulnerability of the software for creating and managing graphical user interfaces on Rockwell Automation’s FactoryTalk View Machine Edition industrial devices is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the...
Vulnerability fixed in Rockwell Automation FactoryTalk
Rockwell has fixed a vulnerability in FactoryTalk View Machine Edition. An unauthenticated malicious person could exploit the vulnerability to execute arbitrary code on the vulnerable system. For successful exploitation, the malicious party must have access to the production network...
CVE-2023-2071
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus improperly verifies user input, which allows an unauthenticated attacker to achieve remote code execution via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions...
Design/Logic Flaw
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus improperly verifies user input, which allows an unauthenticated attacker to achieve remote code execution via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions...
CVE-2023-2071
CVE-2023-2071 affects Rockwell Automation FactoryTalk View Machine Edition on PanelView Plus. It describes improper input validation that lets an unauthenticated attacker achieve remote code execution by sending crafted packets; the device can execute exported functions via a CIP class, and an at...
CVE-2023-2071 FactoryTalk View Machine Edition Vulnerable to Remote Code Execution
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus improperly verifies user input, which allows an unauthenticated attacker to achieve remote code execution via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions...